<?php
include_once 'data.php';
$librarian_url = $url;

if (isset($_SESSION['auth']) && ($_SESSION['permissions'] == 'A' || $_SESSION['permissions'] == 'U')) {

    $proxy_name = '';
    $proxy_port = '';
    $proxy_username = '';
    $proxy_password = '';

    if (isset($_SESSION['connection']) && ($_SESSION['connection'] == "autodetect" || $_SESSION['connection'] == "url")) {
        if(!empty($_POST['proxystr'])) {
            $proxy_arr = explode (';', $_POST['proxystr']);
            foreach ($proxy_arr as $proxy_str) {
                if (stripos(trim($proxy_str), 'PROXY') === 0) {
                    $proxy_str = trim(substr ($proxy_str, 6));
                    $proxy_name = parse_url($proxy_str, PHP_URL_HOST);
                    $proxy_port = parse_url($proxy_str, PHP_URL_PORT);
                    $proxy_username = parse_url($proxy_str, PHP_URL_USER);
                    $proxy_password = parse_url($proxy_str, PHP_URL_PASS);
                    break;
                }
            }
        }
    } else {
        if(isset($_SESSION['proxy_name'])) $proxy_name = $_SESSION['proxy_name'];
        if(isset($_SESSION['proxy_port'])) $proxy_port = $_SESSION['proxy_port'];
        if(isset($_SESSION['proxy_username'])) $proxy_username = $_SESSION['proxy_username'];
        if(isset($_SESSION['proxy_password'])) $proxy_password = $_SESSION['proxy_password'];
    }

$user_id = intval($_SESSION['user_id']);
$user = $_SESSION['user'];

session_write_close();

include_once 'functions.php';

$error = '';

if (isset($_POST['file'])) $_GET['file'] = $_POST['file'];

##########	reference updating from PubMed	##########

if (isset($_GET['autoupdate'])) {

	##########	read reference data	##########

	database_connect($database_path, 'library');

	$file_query = $dbHandle->quote($_GET['file']);
	$user_query = $dbHandle->quote($user);

	$record = $dbHandle->query("SELECT * FROM library WHERE id=$file_query LIMIT 1");
	$paper = $record->fetch(PDO::FETCH_ASSOC);

	$record = null;
	$dbHandle = null;

	$uid_array = explode ("|", $paper['uid']);

	foreach ($uid_array as $uid_element) {

		$uid_array2 = explode (":", $uid_element);
		if ($uid_array2[0] == 'PMID') $uid = trim($uid_array2[1]);
	}

	if (empty($uid)) {

		$pubmed_query = array();

		if (!empty($paper['authors'])) preg_match('/^\S+/i', $paper['authors'], $author);

		if (!empty($paper['title'])) {

			$title_words = str_word_count($paper['title'], 1);

			$strlens = array();

			while (list($key, $word) = each($title_words)) {

				$strlens[$word] = strlen($word);
			}

			arsort($strlens);
			$title_word = key($strlens);
		}

                if (!empty($paper['year'])) {
                    if(is_numeric($paper['year'])) {
                        $year = $paper['year'];
                    } else {
                        $year = date('Y', strtotime($paper['year']));
                    }
                }

		if (!empty($paper['authors'])) $pubmed_query[] = "$author[0] [AU]";
		if (!empty($paper['title'])) $pubmed_query[] = "$title_word [TI]";
		if (!empty($paper['year'])) $pubmed_query[] = $year." [DP]";
		if (!empty($paper['volume'])) $pubmed_query[] = "$paper[volume] [VI]";
		if (!empty($paper['pages'])) $pubmed_query[] = "$paper[pages] [PG]";
                
		$pubmed_query = join(" AND ", $pubmed_query);
		$pubmed_query = urlencode($pubmed_query);

                if (!empty($paper['doi'])) $pubmed_query = $paper['doi'].'[AID]';

		$request_url = "http://www.ncbi.nlm.nih.gov/entrez/eutils/esearch.fcgi?db=Pubmed&term=$pubmed_query&usehistory=y&retstart=0&retmax=1&sort=&tool=I,Librarian&email=i.librarian.software@gmail.com";

		$xml = proxy_simplexml_load_file ($request_url, $proxy_name, $proxy_port, $proxy_username, $proxy_password);

		$count = $xml->Count;
		if ($count == 1) $uid = $xml->IdList->Id;
	}

	if (!empty($uid)) {

		$pmid_url = $uid;

		##########	open efetch, read xml	##########

		$xml_string = '';

		$request_url = "http://www.ncbi.nlm.nih.gov/entrez/eutils/efetch.fcgi?db=Pubmed&rettype=abstract&retmode=XML&id=$pmid_url&tool=I,Librarian&email=i.librarian.software@gmail.com";

		$xml = proxy_simplexml_load_file ($request_url, $proxy_name, $proxy_port, $proxy_username, $proxy_password);

		foreach ($xml->PubmedArticle->PubmedData->ArticleIdList->ArticleId as $articleid) {

			preg_match ('/10\.\d{4}\/\S+/i', $articleid, $doi_match);

			if (count($doi_match) > 0) {
				$paper['doi'] = current($doi_match);
				break;
			}
		}

		$uid_array = array();
		$uid_array = explode ("|", $paper['uid']);
		$paper['uid'] = array_values(array_filter ( array_unique (array_merge ($uid_array, array ("PMID:$pmid_url")))));

		$url_array = array();
		$url_array = explode ("|", $paper['url']);
		$paper['url'] = array_values( array_filter ( array_unique (array_merge ($url_array, array ("http://www.pubmed.org/$pmid_url")))));

		$reference_type = strtolower($xml->PubmedArticle->MedlineCitation->Article->PublicationTypeList->PublicationType[0]);
		if (!empty($reference_type)) $paper['reference_type'] = $reference_type;

		$title = $xml->PubmedArticle->MedlineCitation->Article->ArticleTitle;
		if (!empty($title)) $paper['title'] = $title;

		$xml_abstract = $xml->PubmedArticle->MedlineCitation->Article->Abstract->AbstractText;

		if(!empty($xml_abstract)) {
			foreach ($xml_abstract as $mini_ab) {
				foreach($mini_ab->attributes() as $a => $b) {
					if ($a == 'Label') $mini_ab = $b.": ".$mini_ab;
				}
				$abstract_array[] = "$mini_ab";
			}
			$paper['abstract'] = implode(' ', $abstract_array);
		}

		$affiliation = $xml->PubmedArticle->MedlineCitation->Article->Affiliation;
		if (!empty($affiliation)) $paper['affiliation'] = $affiliation;

		$secondary_title = $xml->PubmedArticle->MedlineCitation->Article->Journal->Title;
		if (!empty($secondary_title)) $paper['secondary_title'] = $secondary_title;

		$day = $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->PubDate->Day;
		$month = $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->PubDate->Month;
		$year = $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->PubDate->Year;

		if (empty($year)) {
			$year = (string) $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->PubDate->MedlineDate;
			preg_match ('/\d{4}/', $year, $year_match);
			$year = $year_match[0];
		}

		$paper['year'] = '';
		if (!empty($year)) {
			if(empty($day)) $day = '01';
			if(empty($month)) $month = '01';
			$paper['year'] = date('Y-m-d', strtotime($day.'-'.$month.'-'.$year));
		}

		$volume = $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->Volume;
		if (!empty($volume)) $paper['volume'] = $volume;

		$issue = $xml->PubmedArticle->MedlineCitation->Article->Journal->JournalIssue->Issue;
		if (!empty($issue)) $paper['issue'] = $issue;

		$pages = $xml->PubmedArticle->MedlineCitation->Article->Pagination->MedlinePgn;
		if (!empty($pages)) $paper['pages'] = $pages;

		$journal = $xml->PubmedArticle->MedlineCitation->MedlineJournalInfo->MedlineTA;
		if (!empty($journal)) $paper['journal'] = $journal;

		$authors = $xml->PubmedArticle->MedlineCitation->Article->AuthorList->Author;

		if (!empty($authors)) {
			foreach ($authors as $author) {
				$name_array[] = $author->LastName.' '.$author->Initials;
			}
		}

		$mesh = $xml->PubmedArticle->MedlineCitation->MeshHeadingList->MeshHeading;

		if (!empty($mesh)) {
			foreach ($mesh as $meshheading) {
				$mesh_array[] = $meshheading->DescriptorName;
			}
		}

		if (isset($name_array)) $paper['authors'] = join (", ", $name_array);
		if (isset($mesh_array)) $paper['keywords'] = join (" / ", $mesh_array);
	}

	if (empty($uid)) $error = "Error! Unique record not found.";

	$_POST = $paper;
	$_POST['form_sent'] = 1;
}

##########	reference updating	##########

if  (!empty($_POST['title']) && isset($_POST['form_sent'])) {

	##########	remove line breaks from certain POST values	##########

	$order   = array("\r\n", "\n", "\r");
	$keys = array ('authors', 'title', 'abstract', 'keywords');

	while (list($key, $field) = each($keys)) {

		if (!empty($_POST[$field])) {

			$_POST[$field] = str_replace($order, ' ', $_POST[$field]);
		}
	}

	##########	record publication data, table library	##########

	database_connect($database_path, 'library');

	$query = "UPDATE library SET authors=:authors, title=:title, journal=:journal, year=:year,
				abstract=:abstract, uid=:uid, volume=:volume, pages=:pages,
				secondary_title=:secondary_title, editor=:editor, url=:url,
				reference_type=:reference_type, publisher=:publisher, place_published=:place_published,
				keywords=:keywords, doi=:doi, authors_ascii=:authors_ascii,
				title_ascii=:title_ascii, abstract_ascii=:abstract_ascii,
                                custom1=:custom1, custom2=:custom2, custom3=:custom3, custom4=:custom4,
				affiliation=:affiliation, issue=:issue, modified_by=:modified_by,
                                modified_date=strftime('%Y-%m-%dT%H:%M:%S', 'now', 'localtime')
			WHERE id=:id";

	$stmt = $dbHandle->prepare($query);

	$stmt->bindParam(':id', $file_id, PDO::PARAM_INT);
	$stmt->bindParam(':authors', $authors, PDO::PARAM_STR);
	$stmt->bindParam(':title', $title, PDO::PARAM_STR);
	$stmt->bindParam(':journal', $journal, PDO::PARAM_STR);
	$stmt->bindParam(':year', $year, PDO::PARAM_STR);
	$stmt->bindParam(':abstract', $abstract, PDO::PARAM_STR);
	$stmt->bindParam(':uid', $uid, PDO::PARAM_STR);
	$stmt->bindParam(':volume', $volume, PDO::PARAM_STR);
	$stmt->bindParam(':pages', $pages, PDO::PARAM_STR);
	$stmt->bindParam(':secondary_title', $secondary_title, PDO::PARAM_STR);
	$stmt->bindParam(':editor', $editor, PDO::PARAM_STR);
	$stmt->bindParam(':url', $url, PDO::PARAM_STR);
	$stmt->bindParam(':reference_type', $reference_type, PDO::PARAM_STR);
	$stmt->bindParam(':publisher', $publisher, PDO::PARAM_STR);
	$stmt->bindParam(':place_published', $place_published, PDO::PARAM_STR);
	$stmt->bindParam(':keywords', $keywords, PDO::PARAM_STR);
	$stmt->bindParam(':doi', $doi, PDO::PARAM_STR);
	$stmt->bindParam(':authors_ascii', $authors_ascii, PDO::PARAM_STR);
	$stmt->bindParam(':title_ascii', $title_ascii, PDO::PARAM_STR);
	$stmt->bindParam(':abstract_ascii', $abstract_ascii, PDO::PARAM_STR);
	$stmt->bindParam(':affiliation', $affiliation, PDO::PARAM_STR);
	$stmt->bindParam(':issue', $issue, PDO::PARAM_STR);
        $stmt->bindParam(':custom1', $custom1, PDO::PARAM_STR);
        $stmt->bindParam(':custom2', $custom2, PDO::PARAM_STR);
        $stmt->bindParam(':custom3', $custom3, PDO::PARAM_STR);
        $stmt->bindParam(':custom4', $custom4, PDO::PARAM_STR);
	$stmt->bindParam(':modified_by', $modified_by, PDO::PARAM_INT);
	
	$file_id = $_POST['file'];

	if (empty($_POST['authors'])) {

		$authors = '';
		$authors_ascii = '';

	} else {

		$authors = $_POST['authors'];
		$authors_ascii = utf8_deaccent($authors);
	}

	$title = $_POST['title'];
	$title_ascii = utf8_deaccent($title);

	empty($_POST['journal']) ? $journal = '' : $journal = $_POST['journal'];

	if (!empty($_POST['journal2'])) $journal = $_POST['journal2'];

	empty($_POST['secondary_title']) ? $secondary_title = '' : $secondary_title = $_POST['secondary_title'];

	if (!empty($_POST['journal_full'])) $secondary_title = $_POST['journal_full'];

	empty($_POST['year']) ? $year = '' : $year = $_POST['year'];

	if (empty($_POST['abstract'])) {

		$abstract = '';
		$abstract_ascii = '';

	} else {

		$abstract = $_POST['abstract'];
		$abstract_ascii = utf8_deaccent($abstract);
	}

	empty($_POST['uid'][0]) ? $uid = '' : $uid = implode('|', array_filter($_POST['uid']));

	empty($_POST['volume']) ? $volume = '' : $volume = $_POST['volume'];

	empty($_POST['issue']) ? $issue = '' : $issue = $_POST['issue'];

	empty($_POST['pages']) ? $pages = '' : $pages = $_POST['pages'];

	empty($_POST['editor']) ? $editor = '' : $editor = $_POST['editor'];

	empty($_POST['url'][0]) ? $url = '' : $url = implode('|', array_filter($_POST['url']));

	empty($_POST['reference_type']) ? $reference_type = '' : $reference_type = $_POST['reference_type'];

	empty($_POST['publisher']) ? $publisher = '' : $publisher = $_POST['publisher'];

	empty($_POST['place_published']) ? $place_published = '' : $place_published = $_POST['place_published'];

	empty($_POST['keywords']) ? $keywords = '' : $keywords = $_POST['keywords'];

	empty($_POST['affiliation']) ? $affiliation = '' : $affiliation = $_POST['affiliation'];

	empty($user_id) ? $modified_by = '' : $modified_by = $user_id;

	empty($_POST['doi']) ? $doi = '' : $doi = $_POST['doi'];

        empty($_POST['custom1']) ? $custom1 = '' : $custom1 = $_POST['custom1'];

        empty($_POST['custom2']) ? $custom2 = '' : $custom2 = $_POST['custom2'];

        empty($_POST['custom3']) ? $custom3 = '' : $custom3 = $_POST['custom3'];

        empty($_POST['custom4']) ? $custom4 = '' : $custom4 = $_POST['custom4'];

	if(!empty($title)) $database_update = $stmt->execute();

	if ($database_update == false) $error = "Error! The database has not been updated.";

	$stmt = null;
	$dbHandle = null;

} elseif (isset($_POST['form_sent'])) {
	$error = 'Error! Title is mandatory.';
}

if(!empty($error)) die($error);

##########	read reference data	##########

database_connect($database_path, 'library');

$file_query = $dbHandle->quote($_GET['file']);
$user_query = $dbHandle->quote($user);

$record = $dbHandle->query("SELECT * FROM library WHERE id=$file_query LIMIT 1");
$paper = $record->fetch(PDO::FETCH_ASSOC);

$paper_urls = array();
if (!empty($paper['url'])) $paper_urls = explode('|', $paper['url']);

$paper_uids = array();
if (!empty($paper['uid'])) $paper_uids = explode('|', $paper['uid']);

if (empty($paper['bibtex'])) {
	$bibtex_author = substr($paper['authors'], 0, strpos($paper['authors'], ' '));
	if (strpos($paper['authors'], ' ') === false) $bibtex_author = $paper['authors'];
	if (empty($bibtex_author)) $bibtex_author = 'unknown';

	$bibtex_year_array = explode('-', $paper['year']);
	$bibtex_year = '0000';
	if (!empty($bibtex_year_array[0])) $bibtex_year = $bibtex_year_array[0];

	$paper['bibtex'] = utf8_deaccent($bibtex_author).'-'.$bibtex_year.'-ID'.$paper['id'];
}

$record = null;
$dbHandle = null;
?>
<form id="metadataform" enctype="multipart/form-data" action="edit.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000000">
<input type="hidden" name="form_sent">
<input type="hidden" name="file" value="<?php print htmlspecialchars($paper['id']) ?>">
<table cellpadding="0" cellspacing="0" border="0" style="width: 100%;margin-top: 0px;margin-bottom:1px">
<tr>
<td class="threedleft">
<button id="savemetadata">Save</button>
</td>
<td class="threedright">
<button id="autoupdate" title="Fetch data from PubMed">Update</button>
</td>
</tr>
<tr>
<td class="threedleft">
I, Librarian ID:
</td>
<td class="threedright">
 <?php print $paper['id'] ?>
</td>
</tr>
<tr>
<td class="threedleft">
BibTex key:
</td>
<td class="threedright">
 <?php print isset($paper['bibtex']) ? htmlspecialchars($paper['bibtex']) : '' ?>
</td>
</tr>
<?php
if (!empty($paper_uids)) {
	foreach($paper_uids as $paper_uid) {
?>
<tr>
<td class="threedleft">
Database UID:
</td>
<td class="threedright">
 <input type="text" size="80" name="uid[]" style="width: 99%" value="<?php print htmlspecialchars($paper_uid) ?>">
</td>
</tr>
<?php
	}
}
?>
<tr>
<td class="threedleft">
Database UID:
<div id="adduidrow" style="float:right;cursor:pointer">+</div>
</td>
<td class="threedright">
 <input type="text" size="80" name="uid[]" style="width: 99%" value="" title="<b>Examples:</b><br>PMID:123456<br>PMCID:123456<br>NASAADS:123456<br>ARXIV:123456<br>JSTOR:123456">
</td>
</tr>
<tr>
<td class="threedleft">
DOI:
</td>
<td class="threedright">
 <input type="text" size="80" name="doi" style="width: 99%" value="<?php print isset($paper['doi']) ? htmlspecialchars($paper['doi']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Title:
</td>
<td class="threedright">
<textarea name="title" cols="80" rows="2" style="width: 99%">
<?php echo isset($paper['title']) ? htmlspecialchars($paper['title']) : '' ?>
</textarea>
</td>
</tr>
<tr>
<td class="threedleft">
Authors:<br>(Smith JP, Doe RA)
</td>
<td class="threedright">
<textarea cols="80" rows="2" name="authors" style="width: 99%" title="Use Medline format:<br>Smith JP, Gupta S">
<?php echo isset($paper['authors']) ? htmlspecialchars($paper['authors']) : ''; ?>
</textarea>
</td>
</tr>
<tr>
<td class="threedleft">
Affiliation:
</td>
<td class="threedright">
<textarea cols="80" rows="2" name="affiliation" style="width: 99%">
<?php echo isset($paper['affiliation']) ? htmlspecialchars($paper['affiliation']) : ''; ?>
</textarea>
</td>
</tr>
<tr>
<td class="threedleft">
Journal abbreviation:
</td>
<td class="threedright">
<input type="text" size="80" name="journal" style="width: 99%" value="<?php print isset($paper['journal']) ? htmlspecialchars($paper['journal']) : '' ?>">
<br>
<select name="journal2" style="width: 99%">
<option></option>
<?php

	database_connect($database_path, 'library');
	$result = $dbHandle->query("SELECT DISTINCT journal FROM library ORDER BY journal ASC");
	$journals = $result->fetchAll(PDO::FETCH_COLUMN);
	$result = null;

	foreach($journals as $journal) {
		if (!empty($journal)) print "<option value=\"".htmlspecialchars($journal)."\">".htmlspecialchars($journal)."</option>\r\n";
	}
?>
</select>
</td>
</tr>
<tr>
<td class="threedleft">
Secondary title:<br>(journal full name)
</td>
<td class="threedright">
<input type="text" size="80" name="secondary_title" style="width: 99%" value="<?php print isset($paper['secondary_title']) ? htmlspecialchars($paper['secondary_title']) : '' ?>">
<br>
<select name="journal_full" style="width: 99%">
<option></option>
<?php
	$result = $dbHandle->query("SELECT DISTINCT secondary_title FROM library ORDER BY secondary_title ASC");
	$secondary_titles = $result->fetchAll(PDO::FETCH_COLUMN);
	$result = null;

	foreach($secondary_titles as $secondary_title) {
		if (!empty($secondary_title)) print "<option value=\"".htmlspecialchars($secondary_title)."\">".htmlspecialchars($secondary_title)."</option>\r\n";
	}
?>
</select>
</td>
</tr>
<tr>
<td class="threedleft">
Publication date:
</td>
<td class="threedright">
<input type="text" size="10" maxlength="10" name="year" value="<?php echo isset($paper['year']) ? htmlspecialchars($paper['year']) : '' ?>"> YYYY-MM-DD
</td>
</tr>
<tr>
<td class="threedleft">
Volume:
</td>
<td class="threedright">
<input type="text" size="10" name="volume" value="<?php echo isset($paper['volume']) ? htmlspecialchars($paper['volume']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Issue:
</td>
<td class="threedright">
<input type="text" size="10" name="issue" value="<?php echo isset($paper['issue']) ? htmlspecialchars($paper['issue']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Pages:
</td>
<td class="threedright">
<input type="text" size="10" name="pages" value="<?php echo isset($paper['pages']) ? htmlspecialchars($paper['pages']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Abstract:
</td>
<td class="threedright">
<textarea name="abstract" cols="80" rows="6" style="width: 99%">
<?php echo isset($paper['abstract']) ? htmlspecialchars($paper['abstract']) : '' ?>
</textarea>
</td>
</tr>
<tr>
<td class="threedleft">
Editor:
</td>
<td class="threedright">
<input type="text" size="80" name="editor" style="width: 99%" value="<?php echo isset($paper['editor']) ? htmlspecialchars($paper['editor']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Publisher:
</td>
<td class="threedright">
<input type="text" size="80" name="publisher" style="width: 99%" value="<?php echo isset($paper['publisher']) ? htmlspecialchars($paper['publisher']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Place published:
</td>
<td class="threedright">
<input type="text" size="80" name="place_published" style="width: 99%" value="<?php echo isset($paper['place_published']) ? htmlspecialchars($paper['place_published']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Keywords:
</td>
<td class="threedright">
<textarea name="keywords" cols="80" rows=2 style="width: 99%" title="Reserved for keywords provided by internet databases. For your custom keywords use Categories.<br>Separator: space, forward slash, space &quot; / &quot;">
<?php echo isset($paper['keywords']) ? htmlspecialchars($paper['keywords']) : '' ?>
</textarea>
</td>
</tr>
<?php
if (!empty($paper_urls)) {
	foreach($paper_urls as $paper_url) {
?>
<tr>
<td class="threedleft">
URL:
</td>
<td class="threedright">
 <input type="text" size="80" name="url[]" style="width: 99%" value="<?php print htmlspecialchars($paper_url) ?>">
</td>
</tr>
<?php
	}
}
?>
<tr>
<td class="threedleft">
URL:
<div id="addurlrow" style="float:right;cursor:pointer">+</div>
</td>
<td class="threedright">
 <input type="text" size="80" name="url[]" style="width: 99%" value="">
</td>
</tr>
<tr>
<td class="threedleft">
Publication type:
</td>
<td class="threedright">
 <input type="text" size="80" name="reference_type" style="width: 99%" value="<?php print isset($paper['reference_type']) ? htmlspecialchars($paper['reference_type']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Custom 1:
</td>
<td class="threedright">
 <input type="text" size="80" name="custom1" style="width: 99%" value="<?php print isset($paper['custom1']) ? htmlspecialchars($paper['custom1']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Custom 2:
</td>
<td class="threedright">
 <input type="text" size="80" name="custom2" style="width: 99%" value="<?php print isset($paper['custom2']) ? htmlspecialchars($paper['custom2']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Custom 3:
</td>
<td class="threedright">
 <input type="text" size="80" name="custom3" style="width: 99%" value="<?php print isset($paper['custom3']) ? htmlspecialchars($paper['custom3']) : '' ?>">
</td>
</tr>
<tr>
<td class="threedleft">
Custom 4:
</td>
<td class="threedright">
 <input type="text" size="80" name="custom4" style="width: 99%" value="<?php print isset($paper['custom4']) ? htmlspecialchars($paper['custom4']) : '' ?>">
</td>
</tr>
</table>
</form>
<script type="text/javascript">
<?php if (!empty($error)) print "$('#dialog-confirm').html('<p><span class=\"ui-state-error-text\"><span class=\"ui-icon ui-icon-alert\" style=\"float:left;margin:0px 7px 20px 0px\"></span></span>$error</p>').dialog('option','title','Error!').dialog('open');"; ?>
</script>
<?php
} else {
	print 'Super User or User permissions required.';
}
?>